Microsoft Word zero-day hack attack – Trojan.Mdropper.H & Backdoor.Ginwui
May 19th, 2006
EDIT - Latest information from Microsoft.
More information about Backdoor.Ginwui.
---------------------------------------------------------------------
Hackers have launched an assault on an undocumented vulnerability that is present in Microsoft Word, according to Symantec. The hackers are attacking selected targets with this vulnerability, but I would expect to see this become more widespread over the next few days.
The hack works like this. An email is sent that contains a file that appears to be a Word document (this is currently detected by Symantec as Trojan.Mdropper.H). When the document is opened, this file drops a Trojan onto the system (called Backdoor.Ginwui). This backdoor installs a rootkit in order to hide itself and gives the hackers access to the system.
The best advice is to be wary of any untrusted Word documents - anything you don't expect to receive, delete. Also, keep your anti-virus scanners up-to-date.
It might be a good idea for businesses (I'm specifically thinking of small office/home office outfits) to carry out scans on Monday morning with the latest virus definitions and to carefully check all Word files that have come in over the weekend.
This entry was posted on Friday, May 19th, 2006 at 16:15 and is filed under Stay Secure.






